package com.itxiuyixiu.volunteer.config;

import com.itxiuyixiu.entity.enums.AuthorityType;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * @author 黄磊
 * @date 2020/5/3
 */
@Order(3)
@Configuration
public class OrganizationSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.antMatcher("/organization/**")
                .authorizeRequests()
                .anyRequest().hasAuthority(AuthorityType.ROLE_VOLUNTEER_ORGANIZATION_ADMIN)
                .and().csrf().disable().cors();
    }
}
